Attacker Value

High

(2 users assessed)

Exploitability

High

(2 users assessed)

User Interaction

CVE-2022-30174

Disclosure Date: June 15, 2022 •

CVE-2022-30174 CVSS v3 Base Score: 7.8

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Privilege Escalation

Techniques

Validation

Abuse Elevation Control Mechanism: Bypass User Access Control

Validated

Abuse Elevation Control Mechanism: Elevated Execution with Prompt

Validated

Hijack Execution Flow

Validated

Hijack Execution Flow: DLL Search Order Hijacking

Validated

Hijack Execution Flow: DLL Side-Loading

Validated

Hijack Execution Flow: Executable Installer File Permissions Weakness

Validated

Difficult to patch Gives privileged access Vulnerable in default configuration Requires user interaction Vulnerable in uncommon configuration

Description

Microsoft Office Remote Code Execution Vulnerability.

Add Assessment

AzyzChayeb (2)

August 22, 2022 1:58pm UTC (1 year ago)

Ratings

Attacker Value

Very High

Exploitability

Very High

Difficult to patch Requires user interaction

See More &1 replySee Less

AzyzChayeb (2) August 22, 2022 1:59pm UTC (1 year ago)•Edited 1 year ago

nu11secur1ty (194)

June 25, 2022 4:56am UTC (1 year ago)•Edited 1 year ago

Ratings

Attacker Value

Medium

Exploitability

Medium

Difficult to patch Gives privileged access Vulnerable in default configuration Vulnerable in uncommon configuration

Technical Analysis

Description:

Microsoft Office Remote Code Execution Vulnerability.
This attack requires a specially crafted file to be placed either in an online directory or in a local network location.
When a victim runs this file, it loads the malicious DLL or EXE file.

WARNING:

Use your Windows Defender turned on and update him regularly!!!

Conclusion:

- So. I’ve decided to test this stupid and forever stupid thing MS Office 365 which is from 7 maybe 10 years just like that. Some things will never change.
Tested on Windows 11.
365 don’t give a f*** what you give him to execute, it depends on the lure…
For the usual users: If you don’t have some virus protection software, you are lost…😯 😝 🤫 😛 😎
STATUS: Medium vulnerability but it is there! Watch out, dear friends! 😎

Proof and Exploit:

href

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.8 High

Impact Score:

5.9

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

microsoft

Products

365 apps -,
office long term servicing channel 2021

References

Canonical

CVE-2022-30174 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30174)

Miscellaneous

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30174

https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-30174

https://www.nu11secur1ty.com/2022/06/cve-2022-30174.html

Rapid7

High

CVE-2022-30174

High

High

Required

None

Local

CVE-2022-30174

Description

Add Assessment

Ratings

Ratings

Technical Analysis

CVE-2022-30174

Description:

WARNING:

Conclusion:

Proof and Exploit:

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

High

CVE-2022-30174

High

High

Required

None

Local

CVE-2022-30174

Description

Add Assessment

Ratings

Ratings

Technical Analysis

CVE-2022-30174

Description:

WARNING:

Conclusion:

Proof and Exploit:

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification